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DETAILED ACTION 



Information Disclosure Statement 

1 . The information disclosure statement (IDS) submitted on August 31 , 2001 is in 
compliance with the provisions of 37 CFR 1 .97. Accordingly, the information disclosure 
statement is being considered by the examiner. 

Specification 

2. The disclosure is objected to because of the following informalities: On page 1 , 
line 10, application 09/240,503 is cross referenced and the status of the application 
should be updated to indicate that the application is now abandoned. 

Appropriate correction is required. 



Claim Objections 

3. Claims 1 0 are 1 8 are objected to because of the following informalities: On line 
1 , it is recited of "at least one table" that is a lack of antecedent basis. It is unclear from 
the claim if the "table" is a "lookup table" or a "randomized table" as is claimed in claim 
1. Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
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A person shali be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1-4,10-13,15,18,29,30,36-43,52,53,55, and 56 are rejected under 35 
U.S.C. 102(b) as being anticipated by Chari et al, entitled "Towards Sound Approaches 
to Counteract Power-Analysis Attacks". 

As per claim 1 , Chari et al discloses of a method comprising providing a data 
processing operation involving at least one lookup table, each particular table from said 
at least one lookup table having a particular lookup table size and a particular lookup 
table index size and creating at least one randomized table in which entries and/or 
indices are statistically independent from entries and/or indices of said at least one 
lookup table, each individual table from said at least one randomized table having a 
randomized table size, wherein a first sum of sizes of all said randomized tables is 
smaller than a second sum of sizes of all lookup tables, or the maximum index size of 
said randomized tables is less than the maximum index size of the lookup tables (see 
page 404, section 3.3). 

As per claim 2, it is taught by Chari et al of using one randomized table (see 
page 404, section 3.3). 

As per claim 3, it is disclosed by Chari et al of obtaining data processing 
operations (see page 404, section 3.3). 

As per claim 4, Chari et al discloses of creating a randomized table includes 
applying a Table Split operation to at least one of said lookup tables resulting in split 
lookup tables (see page 404, section 3.3). 
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As per claim 10, Chari et al teaches of the table is a table from a COMP128 
application (see abstract and page 404, section 3.3). 

As per claim 1 1 , it is disclosed by Chari et al of the number of elements in the 
lookup table is given by a power of two (see page 404, section 3.3). 

As per claim 12, Chari et al teaches of employing said at least one randomized 
table in a cryptographic process, applying said at least one randomized table for 
securely handling information in said cryptographic process (see page 404, section 3.3). 

As per claim 13, Chari et al discloses of prior to performing said cryptographic 
process, transforming the information by applying a secret-sharing operation to the 
elements of the information where each element of the information is related to multiple 
elements of the transformed information, performing the cryptographic process on the 
transformed information involving the use of said randomized table, and retransforming 
the transformed and cryptographically processed information by applying an inverse 
secret-sharing operation to the transformed and cryptographically processed 
information (see page 404, section 3.3). 

As per claim 15, Chari et al teaches of employing data processing operation as a 
countermeasure against a first order side channel attack (see page 405, section 3.4). 

As per claim 18, it is disclosed by Chari et al that a table is a table from an 
application of General Countermeasures Against Side-Channel Attacks (see page 405, 
section 3.4). 

As per claim 29, it is disclosed by Chari et al of that the number of elements in 
the lookup table is 200 (see page 404, section 3.3). 



Application/Control Number: 09/943,720 Page 5 

Art Unit: 2131 

As per claim 30, Chari et al discloses of an article of manufacture comprising 
computer readable program code embodied thereon for causing resistance to side 
channel attacks that provides a data processing operation involving at least one lookup 
table, each particular table from said at least one lookup table having a particular lookup 
table size and a particular lookup table index size and creating at least one randomized 
table in which entries and/or indices are statistically independent from entries and/or 
indices of said at least one lookup table, each individual table from said at least one 
randomized table having a randomized table size, wherein a first sum of sizes of all said 
randomized tables is smaller than a second sum of sizes of all lookup tables, or the 
maximum index size of said randomized tables is less than the maximum index size of 
the lookup tables (see abstract; page 404, section 3.3; page 405, section 3.4). 

As per claim 36, Chari et al teaches of a method comprising providing a data 
processing operation involving a first lookup table in a cryptographic process, said 
lookup table having a first lookup table size, creating a randomized table in which 
entries or indices are statistically independent of entries or indices of said first lookup 
table, said randomized table having a randomized table size being smaller than said 
first lookup table size, employing said randomized table for securely handling 
information in said cryptographic process prior to performing the cryptographic process, 
transforming the information by applying a secret-sharing operation to the elements of 
the information where each element of the information is related to multiple elements of 
the transformed information, performing the cryptographic process on the transformed 
information involving the use of said randomized table, and retransforming the 
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transformed and cryptographically processed information by applying an inverse secret- 
sharing operation to the transformed and cryptographically processed information (see 
page 404, section 3.3 and page 405, section 3.4). 

As per claim 37, it is taught by Chari et al of using one randomized table (see 
page 404, section 3.3). 

As per claim 38, it is disclosed by Chari et al of the cryptographic process is 
performed in a cryptographic information processing system (see abstract). 

As per claim 39, Chari et al discloses a chip card comprising a module for 
providing a data processing operation involving at least one lookup table, each 
particular table from said at least one lookup table having a particular lookup table size 
and a particular lookup table index size and creating at least one randomized table in 
which entries and/or indices are statistically independent from entries and/or indices of 
said at least one lookup table, each individual table from said at least one randomized 
table having a randomized table size, wherein a first sum of sizes of all said randomized 
tables is smaller than a second sum of sizes of all lookup tables, or the maximum index 
size of said randomized tables is less than the maximum index size of the lookup tables 
(see section 1 , page 398 and page 404, section 3.3). 

As per claim 40, Chari et al teaches of a fixed lookup table (page 404, section 

3.3). 

As per claim 41 , it is disclosed by Chari et al of an apparatus for a randomizer 
module to create at least one randomized table in which entries and/or indices are 
statistically independent of entries; and/or indices of any table from a provided set of 
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lookup tables, each individual table from said at least one randomized table having a 
randomized table size, wherein: a first sum of sizes of all said randomized tables is 
smaller than a second sum of sizes of all said at least one lookup tables, or the 
maximum index size of said randomized tables is less than the maximum index size of 
the lookup tables; and a processing module to perform said data processing operation 
employing said first randomized table (page 404, section 3.3). 

As per claim 42, Chari et al teaches that the randomized module forms the 
provided set of lookup tables (see page 404, section 3.3). 

As per claim 43, it is taught by Chari et al that the randomizer module includes a 
splitting module to perform a table split operation upon the subset of the set of lookup 
tables resulting in split lookup tables (see page 404, section 3.3). 

As per claim 52, Chari et al discloses of an article of manufacture comprising 
computer readable program code embodied thereon for causing resistance to side 
channel attacks that provides a data processing operation involving a first lookup table 
in a cryptographic process, said lookup table having a first lookup table size, creating a 
randomized table in which entries or indices are statistically independent of entries or 
indices of said first lookup table, said randomized table having a randomized table size 
being smaller than said first lookup table size, employing said randomized table for 
securely handling information in said cryptographic process prior to performing the 
cryptographic process, transforming the information by applying a secret-sharing 
operation to the elements of the information where each element of the information is 
related to multiple elements of the transformed information, performing the 
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cryptographic process on the transformed information involving the use of said 
randomized table, and retransforming the transformed and cryptographically processed 
information by applying an inverse secret-sharing operation to the transformed and 
cryptographically processed information (see abstract; page 404, section 3.3 and page 
405, section 3.4). 

As per claim 53, Chari et al discloses of a program storage device readable by a 
machine, tangibly embodying a program of instructions executable by a machine for 
causing resistance to side channel attacks that provides a data processing operation 
involving at least one lookup table, each particular table from said at least one lookup 
table having a particular lookup table size and a particular lookup table index size and 
creating at least one randomized table in which entries and/or indices are statistically 
independent from entries and/or indices of said at least one lookup table, each 
individual table from said at least one randomized table having a randomized table size, 
wherein a first sum of sizes of all said randomized tables is smaller than a second sum 
of sizes of all lookup tables, or the maximum index size of said randomized tables is 
less than the maximum index size of the lookup tables (see abstract; page 404, section 
3.3; page 405, section 3.4). 

As per claim 55, Chari et al teaches of a program storage device readable by a 
machine, tangibly embodying a program of instructions executable by a machine for 
causing resistance to side channel attacks that provides a data processing operation 
involving a first lookup table in a cryptographic process, said lookup table having a first 
lookup table size, creating a randomized table in which entries or indices are statistically 
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independent of entries or indices of said first lookup table, said randomized table having 
a randomized table size being smaller than said first lookup table size, employing said 
randomized table for securely handling information in said cryptographic process prior 
to performing the cryptographic process, transforming the information by applying a 
secret-sharing operation to the elements of the information where each element of the 
information is related to multiple elements of the transformed information, performing 
the cryptographic process on the transformed information involving the use of said 
randomized table, and retransforming the transformed and cryptographically processed 
information by applying an inverse secret-sharing operation to the transformed and 
cryptographically processed information (see abstract; page 404, section 3.3; and page 
405, section 3.4). 

As per claim 56, it is disclosed by Chari et al of a computer program product 
comprising a computer useable medium having computer readable program code 
embodied thereon for causing resistance to side channel attacks that provides a 
randomizer module to create at least one randomized table in which entries and/or 
indices are statistically independent of entries; and/or indices of any table from a 
provided set of lookup tables, each individual table from said at least one randomized 
table having a randomized table size, wherein: a first sum of sizes of all said 
randomized tables is smaller than a second sum of sizes of all said at least one lookup 
tables, or the maximum index size of said randomized tables is less than the maximum 
index size of the lookup tables; and a processing module to perform said data 
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processing operation employing said first randomized table (see abstract; page 404, 
section 3.3; and page 405, section 3.4). 

Allowable Subject Matter 

6. Claims 5-9,14,16,17, and 44-48 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

7. Claims 19-28,31-35,49-51,54, and 57 are allowed. 

8. The following is a statement of reasons for the indication of allowable subject 
matter: 

It was not found to be taught in the prior art of performing a table split operation 
on a lookup table to form a collection of split tables, performing a table mask operation 
on the collection of split tables, performing a table aggregate operation on at least two 
of the plurality of masked tables, and performing data processing operations on a 
combination of the split, masked, aggregate, and lookup tables. 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Kocher et al, US 2001/0053220 discloses of preventing differential power 
analysis attacks. 
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Kocher et al, US 2001/0002486 discloses of preventing leakage in cryptographic 
processing systems. 

Benoit, U.S. Patent 6,820,814 discloses of countermeasures using secret key 
algorithms. 

Singer, U.S. Patent 6,724,894 discloses of reducing vulnerability to side channel 
attacks. 

Patarin et al, U.S. Patent 6,658,569 discloses of protecting against physical 
attacks by using secret keys. 

Kocher et al, U.S. Patent 6,381 ,699 discloses of discloses of preventing leakage 
in cryptographic processing systems. 

Kocher et al, U.S. Patent 6,304,658 discloses of preventing leakage in 
cryptographic processing systems. 

Messerges et al, U.S. Patent 6,295,606 discloses of preventing leakage in 
cryptographic processing systems. 

Kocher et al, U.S. Patent 6,278,783 discloses of minimization of leakage for 
smart cards to improve cryptographic protocols. 

Kocher et al, "Differential Power Analysis" discloses of preventing leakage in 
cryptographic processing systems. 

1 0. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher A. Revak whose telephone number is 571- 
272-3794. The examiner can normally be reached on Monday-Friday, 6:30am-4:00pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR.only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Christopher Revak 
AU2131 





